Why is a Lisbon soccer team trying to unmask Portuguese bloggers in US court?

Enlarge/ Pizzi of SL Benfica in action during the Liga NOS match between SL Benfica and FC Porto at Estadio da Luz on October 7, 2018 in Lisbon, Portugal.Gualter Fatia/Getty Images

In April 2018, a professional Portuguese soccer team sued three major American tech companies–Google, Cloudflare, and Automattic–in federal court in Los Angeles. The soccer club, Benfica, alleged that the American companies were partially responsible for disseminating internal memos, presentations, and emails obtained via a 2017 phishing attack against it. However, in recent weeks, American lawyers for Benfica agreed to remove the tech firms from the lawsuit, most of whom had formally filed motions to dismiss previously.

Strangely, the club’s attorneys have also recently asked the court to “order the disabling” of two anonymous blogs that have continued to disseminate the material, despite the fact that multiple Portuguese media outlets have also published some of the same documents as well. But while Google has been removed as a defendant, last month the company formally notified two Portuguese soccer bloggers that it may give their subscriber information to Benfica as part of the lawsuit. The blogs–Artista Do Dia and Mister Do Cafe–use Blogspot, a website owned by Google.

Those bloggers can try to “quash” the subpoena by having a California attorney appear on their behalf, a move that could be quite expensive. “To respond to this summons [we] would have to pay tens of thousands of dollars and that answer would not guarantee anything,” wrote Mister Do Cafe in a Portuguese-language post from Thursday. “The court could even give me reason, but that would not prevent Benfica from returning to the case with other subpoenas. This disproportion of means between a simple blog and a billing company is an impediment to any kind of justice in the American judicial system.

It is what I call the justice of money.”

Come out, come out wherever you are

The lawsuit, Sport Lisboa e Benfica v. John Doe et al, primarily names an unknown person (or persons) who were responsible for the attack and alleges violations of numerous American laws, including the Computer Fraud and Abuse Act and the Stored Communications Act, among others. For now, the lawsuit has provided no evidence that the alleged “hacker” is even in the United States, much less in the Los Angeles area, where the case was filed.

It is unclear why this lawsuit has been brought in an American federal court at all, particularly given that, as Google itself noted in an earlier filing, the actual phishing attack took place in Portugal. These documents obtained through the phishing attack contained explosive purported revelations, according to The New York Times, which reported on the case on Wednesday:

It included a Benfica slide show detailing an apparent effort to gain greater influence over federation and league officials, as well as details of how the club spent a large sum of money on a witch doctor from Guinea-Bissau to boost the team’s performances. There were also documents suggesting connections between the club and the men responsible for overseeing refereeing in Portugal.

Finally, by late last year, the Benfica documents began appearing on an anonymous Portuguese-language blog, called O Mercado do Benfica (“The Benfica Market”).

Attorneys for Benfica have also gone after Regtime Ltd. and Realistic Group LLC (who operates http://rgho.st/), two Russian companies that temporarily hosted some of the files online. But legally serving entities in Russia is nearly always a futile effort, as for 15 years, Russia has refused to comply with the international treaty known as the Hague Convention that describes rules for serving defendants in foreign countries. The soccer club has also named a Canadian company, FranTech Solutions, as a defendant and is currently undergoing the procedure to legally serve them as well.

Christopher Gonzalez, one of Benfica’s lawyers, based in Pasadena, California, did not respond to Ars’ request for comment.